Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          SAFF3KMRKzaYyFR7716n8Xn7kisMZ/vRhyZLb7qvBnE=
Subject key identifier:   39:FA:E6:80:E5:ED:72:26:60:CC:C5:26:52:AE:EA:D1:3A:33:DB:E4
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       019D389BC88FD2EC7346C8F56CC39B011891
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          069E
Signing time:             Sun 29 Mar 2026 08:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:26 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: VFVzIu6IQQbxCFonTRGn3NtbLoWS13QTXybGqHBmiu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:c8:8f:d2:ec:73:46:c8:f5:6c:c3:9b:01:18:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Mar 29 08:00:26 2026 GMT
            Not After : Mar 30 08:00:26 2026 GMT
        Subject: CN=39fae680e5ed722660ccc52652aeead13a33dbe4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:69:be:da:54:5c:78:d3:38:49:8e:93:10:ec:
                    42:da:5f:53:1f:68:5b:2f:21:5a:4f:e5:e3:84:8d:
                    c2:5b:e1:9a:3b:0c:e9:bc:c4:57:73:e5:03:31:dd:
                    c1:30:b0:5b:23:f0:dd:eb:ec:e5:5d:a5:58:21:09:
                    60:c2:29:43:bf:e6:31:79:8a:12:2e:71:db:e0:4c:
                    44:c3:68:d5:fa:18:b8:ba:18:00:fc:21:d6:64:c2:
                    2b:1b:72:ac:71:fa:91:a0:27:ba:e1:19:fb:f9:ac:
                    99:88:fd:fd:7d:0f:5a:f5:6f:8b:f5:4b:ec:be:cc:
                    fa:4f:c7:18:cc:39:e6:17:b1:8b:84:b0:6f:43:98:
                    06:39:1f:1f:3f:ef:fb:d8:c8:88:dd:0d:0b:87:fa:
                    42:bf:77:0b:b0:6f:e3:41:62:7e:bb:68:a7:cd:34:
                    a6:7d:2f:29:bc:ed:22:8f:3a:ad:16:ad:05:d4:e1:
                    6c:db:14:1c:46:fa:41:fd:78:92:77:75:e2:39:8a:
                    2b:fb:3a:35:92:34:9d:80:d6:04:ab:f0:3f:82:36:
                    56:95:2d:3d:f7:2f:91:51:52:8e:99:ca:5a:64:98:
                    d1:b9:8e:81:af:00:68:8a:cc:22:a3:cd:68:77:4c:
                    1a:7a:eb:0b:c5:ff:25:8d:d0:fc:22:70:83:7c:aa:
                    da:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:FA:E6:80:E5:ED:72:26:60:CC:C5:26:52:AE:EA:D1:3A:33:DB:E4
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:c2:f9:30:62:a7:06:ab:d0:89:44:e9:13:ba:d8:3b:a2:16:
         08:48:3d:94:37:95:22:15:93:88:10:c6:f4:79:30:b4:33:fc:
         be:d6:82:9b:1a:c3:b0:0f:7a:ee:c2:0f:0e:d7:3c:42:2d:f5:
         45:7a:ca:d5:0e:bf:80:0e:47:04:3a:6b:f8:57:de:65:65:fd:
         24:ec:c7:8d:50:85:d7:db:20:7d:ab:d7:1a:7c:5a:87:0f:ae:
         2c:1c:0c:52:ba:d1:61:49:69:c4:2e:7f:28:1c:1b:a7:51:cf:
         09:11:72:fa:af:f8:d5:7d:b7:6d:4c:b8:7d:71:bf:d2:bc:04:
         84:23:73:6a:97:11:65:ae:ab:f4:3b:4e:94:16:da:34:f2:d6:
         d2:00:b1:42:c8:ca:69:1e:63:13:fa:91:16:28:e5:4a:ab:b2:
         03:29:0d:26:36:7b:72:67:7f:e8:30:04:b0:24:06:e6:bd:0e:
         0f:8d:59:86:e3:7b:05:98:c6:9e:6a:73:bf:79:20:77:e0:d2:
         ae:69:e1:64:7d:b4:49:85:4b:9a:34:28:00:c3:0e:24:67:22:
         29:30:1f:bf:04:aa:d7:62:9d:38:83:46:9b:89:b7:7b:eb:e7:
         0e:aa:10:e8:82:6f:9f:90:19:93:cd:dc:d8:61:5c:24:57:1f:
         9a:c5:81:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m8iP0uxzRsj1bMObARiRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjYwMzI5MDgwMDI2WhcNMjYwMzMwMDgwMDI2WjAzMTEwLwYDVQQD
EygzOWZhZTY4MGU1ZWQ3MjI2NjBjY2M1MjY1MmFlZWFkMTNhMzNkYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2m+2lRceNM4SY6TEOxC2l9TH2hb
LyFaT+XjhI3CW+GaOwzpvMRXc+UDMd3BMLBbI/Dd6+zlXaVYIQlgwilDv+YxeYoS
LnHb4ExEw2jV+hi4uhgA/CHWZMIrG3KscfqRoCe64Rn7+ayZiP39fQ9a9W+L9Uvs
vsz6T8cYzDnmF7GLhLBvQ5gGOR8fP+/72MiI3Q0Lh/pCv3cLsG/jQWJ+u2inzTSm
fS8pvO0ijzqtFq0F1OFs2xQcRvpB/XiSd3XiOYor+zo1kjSdgNYEq/A/gjZWlS09
9y+RUVKOmcpaZJjRuY6BrwBoiswio81od0waeusLxf8ljdD8InCDfKra1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDn65oDl7XImYMzFJlKu6tE6M9vkMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANML5MGKn
BqvQiUTpE7rYO6IWCEg9lDeVIhWTiBDG9HkwtDP8vtaCmxrDsA967sIPDtc8Qi31
RXrK1Q6/gA5HBDpr+FfeZWX9JOzHjVCF19sgfavXGnxahw+uLBwMUrrRYUlpxC5/
KBwbp1HPCRFy+q/41X23bUy4fXG/0rwEhCNzapcRZa6r9DtOlBbaNPLW0gCxQsjK
aR5jE/qRFijlSquyAykNJjZ7cmd/6DAEsCQG5r0OD41ZhuN7BZjGnmpzv3kgd+DS
rmnhZH20SYVLmjQoAMMOJGciKTAfvwSq12KdOINGm4m3e+vnDqoQ6IJvn5AZk83c
2GFcJFcfmsWBPw==
-----END CERTIFICATE-----